d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ed869ff019
freebsd-dev/lib/libipsec
History
Fabien Thomas bf4356266d IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets. 
Since the previous algorithm, based on bit shifting, does not scale
with large replay windows, the algorithm used here is based on
RFC 6479: IPsec Anti-Replay Algorithm without Bit Shifting.
The replay window will be fast to be updated, but will cost as many bits
in RAM as its size.

The previous implementation did not provide a lock on the replay window,
which may lead to replay issues.

Reviewed by:	ae
Obtained from:	emeric.poupon@stormshield.eu
Sponsored by:	Stormshield
Differential Revision:	https://reviews.freebsd.org/D8468
2016-11-25 14:44:49 +00:00
..
ipsec_dump_policy.c Add a missing break in the TCP case. 2014-04-17 10:27:18 +00:00
ipsec_get_policylen.c
ipsec_set_policy.3
ipsec_strerror.3 - change "is is" to "is" or "it is" 2011-10-16 14:30:28 +00:00
ipsec_strerror.c
ipsec_strerror.h
libpfkey.h
Makefile First pass through library packaging. 2016-02-04 21:16:35 +00:00
Makefile.depend DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
pfkey_dump.c IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets. 2016-11-25 14:44:49 +00:00
pfkey.c IPsec RFC6479 support for replay window sizes up to 2^32 - 32 packets. 2016-11-25 14:44:49 +00:00
policy_parse.y remove redundant yyparse declarations 2012-12-05 20:28:44 +00:00
policy_token.l Improve compatibility with recent flex from flex.sourceforge.net. 2013-05-03 23:51:32 +00:00
test-policy.c Make this more compilable. 2013-03-15 09:19:19 +00:00